Cisco Talos reports a destructive attack on Ukrainian critical infrastructure using a new wiper called “PathWiper,” which suspected Russia-nexus advanced persistent threat actors deployed via legitimate administrative tools. The attack shows that Ukrainian systems remain under threat as the prolonged Russia-Ukraine conflict continues, and it underscores the importance of cybersecurity defenses.
#PathWiper #HermeticWiper #UkraineCriticalInfrastructure #APTActor
Key points
- Cisco Talos detected a destructive attack on Ukrainian critical infrastructure using the new PathWiper malware.
- The attackers exploited legitimate endpoint management tools to deploy PathWiper across connected systems.
- PathWiper overwrites file system artifacts with random data, destroying storage media and system information.
- The malware targets drives and volumes by collecting storage info and overwriting both files and low-level disk structures.
- Various Cisco security products can help prevent and detect this type of malicious activity, including Cisco Secure Endpoint and Firewalls.
Read More: https://blog.talosintelligence.com/pathwiper-targets-ukraine/